There is a lot to learn this week. It starts with non-technical things like going for a walk to refresh your mind and finishes with how to prevent reverse XSS attacks in forms.
But it doesn’t matter whether you learn how to build self-contained web components using the new specification or to maximize the efficiency of your Angular 2 app or just how you can write less code. What matters is that you keep asking questions and that you try to get better and smarter at your craft.

There is a lot to learn this week. It starts with non-technical things like going for a walk to refresh your mind and finishes with how to prevent reverse XSS attacks in forms. But it doesn’t matter whether you learn how to build self-contained web components using the new specification or to maximize the efficiency of your Angular 2 app or just how you can write less code. What matters is that you keep asking questions and that you try to get better and smarter at your craft.

General

Heydon Pickering shares tips on writing less code to make your developer life easier. Something we all should remember.

Tools & Workflows

Nucleus is certainly not the first living style guide generator but it’s still worth sharing. The Node.js module fits into existing projects, follows the Patternlab splitting by default, and has a nice layout where you easily find the things you’re looking for.

Nucleus is a living style guide generator that fits in well in both new and existing projects.

Security

Matthew Green asks himself if Apple’s cloud key vault is a crypt backdoor. In his explanatory answer, he shares why Apple’s method of using Hardware Security Modules is pretty clever and maybe worth learning more about if you’re interested in storing sensitive user data behind weak user-set passwords.

Using social engineering by pretending to be a valid website in the URL bar is easy with the RTL feature of Chrome and Firefox and this little trick. I’m sure this type of attack is successful since most normal users do check if a URL is correct but they can’t see anything bad in it. A good reminder that we need to find better ways to let users know that the URL they visit is safe.

Web Performance

Nolan Lawson wrote about the cost of small modules, analyzing how much code is used when you build your codebase with a lot of small modules. The article reveals interesting stats and compares modern minifiers and JavaScript bundlers, as well as execution times of such bundles in various browsers.

Going Beyond…

Bill Gates shares what he learned from his school teacher and how only later he realized that students should ask teachers more questions. If we ask more, we will learn from others. It’s always harder to proactively communicate knowledge to other people than being asked for it.

Phillip Rogaway shares a paper on “The Moral Character of Cryptographic Work” (PDF). An interesting read on the shift of power and why cryptography is often a political tool that demands high morals and ethical fundamentals of those who build it. Anyone who ever discussed the topic of morals and ethics in science should read this.